By May Wang, Co-Founder & CTO, ZingBox
Headquartered in the U.S., ZingBox is an enterprise Internet of Things (IoT) security solution provider that protects enterprises from cyber and insider threats. Deployed in a non-intrusive way, ZingBox discovers, identifies and classifies assets into IoT categories.
In the U.S., October is National Cybersecurity Awareness Month. The increasingly connected world is bringing more efficiency and convenience to our lives and work, while also increasing the security risk surface. This worldwide issue is relevant to everybody on the planet. Shall we feel blessed about the future of the connected world, or scared because of more security risks?
The use of Internet-connected devices is expanding, offering up even more potential targets for cyber attackers. Futurists anticipate that one day every kind of appliance or device will be ‘smart’ and accessible via the Internet. In fact, Gartner foresees that by the year 2020, over 25 billion connected devices will be in use. All these connected assets will have the specific hardware, software, and IP addresses to make it possible for you to interact with them via the Internet, even though you may be on the other side of the globe. Welcome to the world of the Internet of Things (IoT).
Cybercrime is already big business and it's growing non-stop. Experts predict that by 2019, cybercrime will cost organizations a total of over $2 trillion. Can IoT devices be secured? Do we need new security solutions?
If it is Online, It Can Be Hacked
All these IoT devices may greatly improve our lives, but they will also definitely improve cybercriminals’ chances of success, providing them with more opportunities to attack us. If devices can be accessed via the Internet, they can also be hacked. It is more than worrisome that an HP study found that about 70 percent of IoT devices on the market were vulnerable, each having an average of 25 vulnerabilities!
As an example, while my company was working with a private school in Tennessee to improve their IoT security, we discovered that they had five IoT devices with inappropriate and unapproved access from suspicious external destinations on the Internet. The identified IoT devices were two security cam DVRs, one security and fire alarm panel, and two smart controllers for HVAC.
As cybercrime grows, defending against cybercrime is a growth industry too. There are numerous security startups emerging to offer products and services to help organizations and enterprises, large and small, defend against the lone wolf hackers, cybercrime gangs, and even rogue nation-states. Among these startups, some companies are dedicated to protecting IoT devices. A few of these young businesses are doing more than just ‘re-inventing the wheel’ when it comes to security. They are developing and designing new methods of protection and new forms of cyber defense.
Until recently, IT security vendors and their solutions were divided into two categories: Endpoint Security and Network Security. Endpoint security products feature antivirus tools, and are characteristically agent-based (software or hardware) and installed on computers/endpoints. Network security products are firewalls that are deployed to defend the network perimeter, sort of like a moat in front of a castle. However, neither Endpoint Security nor Network Security is sufficiently equipped to fully protect IoT devices.
Challenges of Securing IoT Devices
The challenges of securing IoT devices start with the fact that there are many different types. Endpoint security solutions are designed to protect a homogeneous infrastructure made up of standardized IT equipment such as desktops, laptops, and servers. Agent-based solutions work well in such an environment, but IoT devices come in a wide variety of operating systems and platforms that lack standardization and uniformity. Deploying agents on IoT devices is not feasible.
Network Security solutions are designed to function in real-time as an inline device with a greater focus on speed over threat detection. These network security solutions fall short at securing IoT devices because they do not provide IoT visibility, are unable to monitor east-west traffic, and have a signature- and behavior-based approach that cannot detect IoT threats. In addition, because some targeted attacks have an extended time horizon, Network Security is not able to ‘connect the dots’.
Another big challenge to protecting IoT devices is that they have a much longer lifecycle when compared to IT devices. Many IoT devices are deployed with a long life expectancy (some 15 to 20 years), thus making it difficult for network administrators to manage them. Most IoT devices are not designed to be easily upgraded. Once deployed, they generally run the factory default software with no provisions to be updated. Hence, a new approach is necessary.
The New Approach to Protecting IoTs
Real-time discovery, visibility, and threat detection are attributes of a new approach to security for IoT devices. These types of solutions provide visibility and control for all network traffic, both north-south (crossing the network perimeter, outside the network) as well as east-west (within the network boundaries). Solutions in this new category function like a control system that inspects and analyzes all network traffic. This is like having a video surveillance system in an apartment building that monitors the comings and goings of tenants and identifies intruders.
Additionally, this new type of security is groundbreaking because it makes use of machine learning technology, a form of AI (artificial intelligence). These solutions are also generally configuration-free and use machine learning algorithms to automatically discover, identify, classify, and generate normal baselines of network behaviors of connected devices. Remediation measures can then be enforced along with notifying the IT security staff when deviations from the normal device behaviors occur.
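The baseline-and-deviation idea described above, as an added example (not ZingBox code and not part of the original article): a simple per-device statistical baseline stands in here for the machine learning the article mentions. The device names, addresses, flow records and the `INTERNAL_NETS` range are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Assumption: the site's own address space; any other peer counts as external.
INTERNAL_NETS = [ip_network("10.0.0.0/8")]

def direction(peer):
    """east-west if the peer is inside the site, north-south if outside."""
    inside = any(ip_address(peer) in net for net in INTERNAL_NETS)
    return "east-west" if inside else "north-south"

def build_baseline(flows):
    """Learn, per device, the (peer, port) pairs seen and typical bytes per flow."""
    peers, sizes = defaultdict(set), defaultdict(list)
    for device, peer, port, nbytes in flows:
        peers[device].add((peer, port))
        sizes[device].append(nbytes)
    return {d: {"peers": peers[d], "mean": mean(sizes[d]), "std": pstdev(sizes[d])}
            for d in peers}

def deviations(baseline, flows, k=3.0):
    """Return (device, peer, port, reason) for flows outside the learned baseline."""
    alerts = []
    for device, peer, port, nbytes in flows:
        profile = baseline.get(device)
        if profile is None:
            alerts.append((device, peer, port, "undiscovered device"))
        elif (peer, port) not in profile["peers"]:
            alerts.append((device, peer, port, f"new {direction(peer)} peer"))
        elif nbytes > profile["mean"] + k * max(profile["std"], 1.0):
            alerts.append((device, peer, port, "volume above baseline"))
    return alerts

# Constructed sample flows: (device, peer_ip, peer_port, bytes).
TRAINING = ([("hvac-ctrl-1", "10.0.5.10", 502, b) for b in (1200, 1180, 1250)]
            + [("dvr-1", "10.0.5.20", 554, b) for b in (50000, 52000, 51000)])
OBSERVED = [
    ("hvac-ctrl-1", "10.0.5.10", 502, 1210),       # matches the baseline
    ("hvac-ctrl-1", "203.0.113.50", 443, 400),     # external peer never seen
    ("dvr-1", "10.0.7.99", 445, 900),              # internal peer never seen
    ("dvr-1", "10.0.5.20", 554, 900000),           # known peer, unusual volume
    ("alarm-panel-1", "198.51.100.7", 443, 300),   # device with no baseline
]

def demo():
    return deviations(build_baseline(TRAINING), OBSERVED)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```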
The present and future of network-connected devices will offer great opportunities for improving the prospects of businesses, large and small, along with the lives of individuals. However, everyone needs to be aware of the inherent vulnerabilities that come with IoT devices and be proactive in addressing the security challenges that come with them. We should feel blessed about the connected world while equipping ourselves with effective IoT security solutions, so that we do not feel scared.